auth-py: AWS Lambda Support + Workflow Test

Signed-off-by: Alan Nair <[email protected]>

.github/workflows/e2e-auth.yml

@@ -13,7 +13,7 @@ on:
       - "runner/**"
 
   pull_request:
-    branches: [main]
+    branches: [main, auth-multicloud]
     paths:
       - "benchmarks/auth/**"
       - "utils/**"
@@ -25,6 +25,13 @@ env:
   GO111MODULE: on
   PORT: 50051
   PLATFORMS: linux/amd64,linux/arm64
+  AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY }}
+  AWS_ACCESS_KEY: ${{ secrets.AWS_ACCESS_KEY }}
+  AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_KEY }}
+  AWS_SECRET_KEY: ${{ secrets.AWS_SECRET_KEY }}
+  AWS_DEFAULT_REGION: 'us-west-1'
+  AWS_REGION: 'us-west-1'
+  AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }}
 
 jobs:
   build-and-push:
@@ -33,13 +40,13 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        include:
-          - service: auth-go
-            target: authGo
-          - service: auth-python
-            target: authPython
-          - service: auth-nodejs
-            target: authNodeJS
+        service:
+          [
+            auth-go,
+            auth-python,
+            auth-nodejs,
+            auth-python-lambda,
+          ]
 
     steps:
       - name: Check out code into the Go module directory
@@ -64,18 +71,23 @@ jobs:
         id: buildx
         uses: docker/setup-buildx-action@v2
 
+      - name: Install AWS CLI
+        uses: unfor19/install-aws-cli-action@master
+        with:
+          version: '2'
+
       - name: Set up Python version
         uses: actions/setup-python@v4
         with:
-          python-version: "3.8"
+          python-version: "3.9"
 
       - name: Set up python dependencies
-        working-directory: benchmarks/auth/python
         run: |
           python3 -m pip install --upgrade pip
           python3 -m pip install wheel ez_setup setuptools
           GRPC_PYTHON_BUILD_SYSTEM_ZLIB=true
-          python3 -m pip install -r requirements.txt
+          python3 -m pip install -r benchmarks/auth/python/requirements/common.txt
+          python3 -m pip install -r runner/aws_lambda_scripts/requirements.txt
 
       - name: Setup go dependencies
         working-directory: benchmarks/auth
@@ -86,17 +98,8 @@ jobs:
           go install google.golang.org/grpc/cmd/[email protected]
 
       - name: Build and push
-        uses: docker/build-push-action@v3
-        with:
-          push: true
-          file: benchmarks/auth/docker/Dockerfile
-          platforms: ${{ env.PLATFORMS }}
-          target: ${{ matrix.target }}
-          tags: vhiveease/${{ matrix.service }}:latest
-          context: .
-
-
-
+        working-directory: benchmarks/auth
+        run: make push-${{ matrix.service }}
 
   test-compose:
     name: Test Docker Compose
@@ -185,7 +188,6 @@ jobs:
           KNATIVE_DOMAIN=$INGRESS_HOST.sslip.io
           kubectl patch configmap -n knative-serving config-domain -p "{\"data\": {\"$KNATIVE_DOMAIN\": \"\"}}"
 
-
       ## Test the service
       - name: Deploy knative
         run: |
@@ -208,7 +210,6 @@ jobs:
 
           ./test-client --addr $url:$NODEPORT --name "Example text for CI"
 
-
       - name: Print logs
         if: ${{ always() }}
         run: |
@@ -223,3 +224,33 @@ jobs:
         if: ${{ always() }}
         run: |
           kubectl delete -f ${{ env.YAML_DIR }}/kn-${{ matrix.service }}.yaml --namespace default --wait
+
+  test-aws-lambda:
+    name: Test AWS Lambda Deployment
+    needs: build-and-push
+    runs-on: ubuntu-20.04
+    strategy:
+      fail-fast: false
+      matrix:
+        service:
+          [
+            auth-python-lambda,
+          ]
+    steps:
+      - name: Check out code
+        uses: actions/checkout@v3
+        with:
+          lfs: 'true'
+
+      - name: Set up Python Dependencies for AWS Jobs
+        working-directory: runner/aws_lambda_scripts
+        run: |
+          python3 -m pip install --upgrade pip
+          python3 -m pip install wheel ez_setup setuptools
+          python3 -m pip install -r requirements.txt
+
+      - name: Deploy and Test functions from ECR container
+        working-directory: runner/aws_lambda_scripts
+        run: |
+          python aws_actions.py deploy_lambdafn_from_ecr -n ${{ matrix.service }} -f ${{ matrix.service }}
+          python aws_actions.py invoke_lambdafn -f ${{ matrix.service }} -p '{ "name": "allow" }'

benchmarks/auth/Makefile

@@ -1,51 +1,73 @@
+
 DOCKER_HUB_ACCOUNT=vhiveease
 FUNCTIONS = auth-python auth-nodejs auth-go
 ALL_IMAGES = $(addsuffix -image, $(FUNCTIONS))
+ALL_LAMBDA_IMAGES = $(addsuffix -lambda-image, $(FUNCTIONS))
+
+export AWS_REGION := ${AWS_REGION}
+export AWS_ACCESS_KEY := ${AWS_ACCESS_KEY}
+export AWS_SECRET_KEY := ${AWS_SECRET_KEY}
+export AWS_ACCOUNT_ID := ${AWS_ACCOUNT_ID}
 
 clean: clean-proto
 
 ROOT = ../../
 
-all: all_image
+all: all_image all_lambda_image
 
 all_image: $(ALL_IMAGES)
 
-
+all_lambda_image: $(ALL_LAMBDA_IMAGES)
 
 auth-python-image: docker/Dockerfile python/server.py
-	DOCKER_BUILDKIT=1 docker build \
+	DOCKER_BUILDKIT=1 docker buildx build \
 	--tag $(DOCKER_HUB_ACCOUNT)/auth-python:latest \
 	--target authPython \
 	-f docker/Dockerfile \
-	$(ROOT)
+	$(ROOT) --load
 
 
 auth-nodejs-image: docker/Dockerfile nodejs/server.js
-	DOCKER_BUILDKIT=1 docker build \
+	DOCKER_BUILDKIT=1 docker buildx build \
 	--tag $(DOCKER_HUB_ACCOUNT)/auth-nodejs:latest \
 	--target authNodeJS \
 	-f docker/Dockerfile \
-	$(ROOT)
+	$(ROOT) --load
 
 
 auth-go-image: docker/Dockerfile go/server.go
-	DOCKER_BUILDKIT=1 docker build \
+	DOCKER_BUILDKIT=1 docker buildx build \
 	--tag $(DOCKER_HUB_ACCOUNT)/auth-go:latest \
 	--target authGo \
 	-f docker/Dockerfile \
-	$(ROOT)
-
+	$(ROOT) --load
 
 
+auth-python-lambda-image: docker/Dockerfile.Lambda python/server.py
+	DOCKER_BUILDKIT=1 docker buildx build \
+	--tag $(AWS_ACCOUNT_ID).dkr.ecr.$(AWS_REGION).amazonaws.com/auth-python-lambda:latest \
+	--target authPythonLambda \
+	-f docker/Dockerfile.Lambda \
+	$(ROOT) --load
 
 
 push-%: %-image
 	docker push docker.io/$(DOCKER_HUB_ACCOUNT)/$(subst push-,,$@):latest
 
-push: $(addprefix push-, $(FUNCTIONS))
+push-%-lambda: %-lambda-image
+	aws ecr get-login-password --region $(AWS_REGION) | \
+		docker login --username AWS --password-stdin \
+		$(AWS_ACCOUNT_ID).dkr.ecr.$(AWS_REGION).amazonaws.com
+	python $(ROOT)/runner/aws_lambda_scripts/aws_actions.py create_ecr_repo -n $(subst push-,,$@)
+	docker push $(AWS_ACCOUNT_ID).dkr.ecr.$(AWS_REGION).amazonaws.com/$(subst push-,,$@):latest
+
+push: $(addprefix push-, $(FUNCTIONS)) $(addprefix push-, $(addsuffix -lambda, $(FUNCTIONS)))
 
 
 pull-%:
 	docker pull docker.io/$(DOCKER_HUB_ACCOUNT)/$(subst pull-,,$@):latest
 
-pull: $(addprefix pull-, $(FUNCTIONS))
+pull-%-lambda:
+	docker pull $(AWS_ACCOUNT_ID).dkr.ecr.$(AWS_REGION).amazonaws.com/$(subst pull-,,$@):latest
+
+pull: $(addprefix pull-, $(FUNCTIONS)) $(addprefix pull-, $(addsuffix -lambda, $(FUNCTIONS)))

benchmarks/auth/docker/Dockerfile

@@ -26,7 +26,7 @@
 ## Install gRPC and all other dependencies
 FROM vhiveease/python-slim:latest as authPythonBuilder
 WORKDIR /py
-COPY ./benchmarks/auth/python/requirements.txt ./
+COPY ./benchmarks/auth/python/requirements/common.txt ./requirements.txt
 RUN pip3 install --user -r requirements.txt
 COPY ./utils/tracing/python/tracing.py ./
 COPY ./benchmarks/auth/python/server.py ./

benchmarks/auth/docker/Dockerfile.Lambda

@@ -0,0 +1,36 @@
+# MIT License
+
+# Copyright (c) 2022 Alan Nair and The vHive Ecosystem
+
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+
+# The above copyright notice and this permission notice shall be included in all
+# copies or substantial portions of the Software.
+
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+# SOFTWARE.
+
+#---------- PYTHON -----------#
+FROM public.ecr.aws/lambda/python:3.9 as authPythonLambda
+
+# Copy function code
+COPY ./utils/tracing/python/tracing.py ${LAMBDA_TASK_ROOT}
+COPY ./benchmarks/auth/python/server.py ${LAMBDA_TASK_ROOT}
+
+# Install the function's dependencies using file requirements.txt
+# from your project folder.
+COPY ./benchmarks/auth/python/requirements/aws_lambda.txt ./requirements.txt
+RUN  pip3 install -r requirements.txt --target "${LAMBDA_TASK_ROOT}"
+
+# Set the CMD to handler
+CMD [ "server.lambda_handler" ]

benchmarks/auth/python/requirements/aws_lambda.txt

@@ -0,0 +1,8 @@
+opentelemetry-api==1.3.0
+opentelemetry-exporter-zipkin==1.3.0
+opentelemetry-exporter-zipkin-json==1.3.0
+opentelemetry-exporter-zipkin-proto-http==1.3.0
+opentelemetry-instrumentation==0.22b0
+opentelemetry-instrumentation-grpc==0.22b0
+opentelemetry-sdk==1.3.0
+opentelemetry-semantic-conventions==0.22b0